Widespread Facebook Application Installs Adware

E-mail
Print
Comment

Jan 8, 2008, News Report

Users of the popular Facebook social-networking site are being warned to exercise care over which applications they install following the discovery of a "Secret Crush" app that downloads adware onto their PC.

The Secret Crush application, which at the time of writing has over 50,000 daily users on Facebook, invites people to find out who amongst their friends has a secret crush on them. Users tempted to discover more have to invite at least five other Facebook users to install the application before their mystery admirer is revealed.

However, no secret crush is ever revealed. Instead users are directed to an external Web site which invites Facebook users to download potentially unwanted applications such as MyWebSearch that will display pop-up advertising.

"Whoever wrote this Secret Crush application is cashing-in big time, by encouraging people to download the adware. As an affiliate for the people displaying the nuisance pop-up adverts, they are getting paid for each successful installation," said Graham Cluley, senior technology consultant for Sophos. "Facebook users must show greater discretion about how they use the site, and which applications they install. These third party widgets are not written by Facebook, and can mean that you are carelessly sharing your personal information with strangers or risking your computer's security."

Experts believe that companies need to set policies regarding Facebook usage, and implement Web security solutions, to prevent dangers entering the workplace.

"Companies need to make their own mind up as to whether they want to allow their users to access Web sites like Facebook and MySpace during office hours. If workers are allowed to be given access to these sites then it's vital that they do not put their personal and corporate data at risk," explained Cluley. "If your users are installing third party Facebook applications in the office they could potentially be bringing adware, spyware and malware into your organization at the same time. The best defense is for businesses to defend themselves with a Web security and control appliance which can filter internet access and prevent the downloading of malicious code."

Sophos notes that although Facebook appears to have removed Secret Crush from its search results, it is still possible at the time of writing to install the offending application.

"Facebook has thousands of third party applications available on its site for members to install, and it's obviously proving impossible for them to police them all," continued Cluley. "The message from Facebook to its users appears to be 'add third party applications at your own risk'."

If You Liked This Article, You May Also Like...

Latest Government Technology News

Public-Sector CIOs List Top 10 Priorities for 2009 - Nov 19
NASA Successfully Tests First Deep Space Internet - Nov 19
Hurricanes Gustav, Hanna and Ike Prompt Millions of Emergency Alerts in 2008 Storm Season - Nov 19
Justice Department Issues Report on Telecommunications - Nov 18
Workforce Portal for Illinois - Nov 18

Industry Solutions for Government

Read real world deployments of technology in government from our sponsors.

View All Industry Solutions

Marketplace

This section
brought to you by:

Identity and Access Management Survey

Take the survey to:

Win 1 of 10 $25 Amazon Gift Cards!
Download the Center for Digital Government's: I Am Who I Say I Am whitepaper

Take the Survey Now!

SF Health Plan

Yes! I would like more information about CA's solutions for Government.

Security Management

The Evolution of Identity and Access Management IAM has become a key tool in the organization’s security and risk management efforts. Many Govt. organizations however, are not realizing the potential of a fully evolved IAM solution. This paper helps them achieve that goal.

How can a comprehensive IAM solution help me reduce security risk and achieve easier compliance? Identity and Access Management (IAM) solutions help you manage users and their access to your IT resources while acheving more effective compliance.

IT Governance

IT Governance: Making the Difference in Cities, Counties and States Project and portfolio management helps government respond to old and new challenges. Featuring case studies from California Department of Agriculture, New York City, and Oakland County, Michigan.

CA Information Governance Solution Brief The CA Information Governance solution helps you solve an array of challenges with unique offerings including federated records management, email management, retention management and business process automation.

Enterprise Management

IT Network Management: State and Local Governments Face New Challenges Network and voice management tools help agancies get optimum performance from today's increasingly complex networks.

Success Stories: San Francisco Health Plan San Francisco Health Plan helps more people access affordable healthcare by simplifying IT management

Success Stories: Social Services Agency, County of Santa Clara County of Santa Clara improves the quality of social services with simplified IT management

CA Network & Voice Management Solution Brief Integrated, fault and performance management for end-to-end service assurance of multi-vendor, multi-technology converged networks.

Risk Compliance and Best Practices

Key Trends in the IAM Market and how CA's R12 Suite Addresses these Trends Identity and Access Management (IAM) has been a major force in the enterprise IT marketplace for years now.This paper will address the question: What's driving interest in IAM solutions?

Network and VoiceManagement for Evolving Business IT management specialist CA provides a foundation for delivering the value of unified network and voice management

A Vision for Dynamic Business Service Management By applying new levels of consolidation, automation and insight, dynamic Business Svc Mgt delivers improved service levels and cost controls

Deploying the CMDB for Change & Configuration Management The Configuration Management Database (CMDB) plays a critical role within the ITIL framework.

The Changing Face of Network Management Automated NCCM tools reduce the downtime and degradation caused by configuration changes.

Magazines: Magazine Sites, Government Technology, Digital Communities, Public CIO, Emergency Management, Texas Technology, Email Newsletters, Advertise

Resources: Site Map, Search, Events,
Video, Government Articles, Slide Shows, Case Studies, Privacy Policy, News Feeds (RSS), MyGT

Top 10 News Topics: CIO/CTO, Economic Development, Emergency Management, Funding, Geospatial, Green Initiatives, Health Services, Policy/Management, Public Safety/Justice, Security, All Government News

Site owned by e.Republic, Inc., the nation's leading publishing, research, event, and new media company focused on information technology for the state/local government and education markets. Copyright © 1995-2008. All rights reserved. eRepublic, Inc.

Government Technology Magazine

Government Technology Magazine provides information technology (IT) case studies, applications, news and best practices for state, city and county government.

Get FREE Subscription

Emergency Management Magazine

Emergency Management Magazine provides technology news and solutions to the local government authorities that help protect our communities.

Get FREE Subscription

Public CIO Magazine

Public CIO Magazine provides technology news and solutions to public sector C-level technology executives.

Get FREE Subscription

Digital Communities Magazine

Digital Communities Magazine is the premier information source for cities, counties and regions to explore and share experiences and best practices beyond just infrastructure and mobile innovations.

Get FREE Subscription